newbe question - VPN one to many ?

[BoBAz]

I am a newbe to the VPN .. We currently have a vpn that allows us to have users in from home and also other branches... from what I understand .. each user/site has to have a secret / key that is shared between both ends... thusly making everybody share the same secret/key .. now having said all that. Is there another method to have a vpn with out all end sites sharing a single secret/key ? aleviating the problem that if we need to close a vpn site or a vpn site is compromised that the need to reach out and touch each site to change the secret/key...

If i sound like i dont know what I am talking about.. I would like to say that I am a newbie, so be kind. I asked the same question in another forum and was ripped to shreds !

TIA

BoBAz

 

[lgarner]

If you have site-site VPNs set up, you can and should use unique keys between them. In any case, since you control your VPN endpoint and can simply delete their tunnel.

For clients you could use username/password authentication for the simplest approach.

The full answer really depends on your VPN systems and the options that they provide.

 

[lanceja]

Have to agree with lgarner. It all depends on the VPN systems you are using.

I do know some of the VPN routers coming out today will allow up to 8 VPN connections. Each one is different, with different shared secrets.

I would look at your current VPN solution and see if it will allow more than one endpoint. If so, configure it for each of your off site locations.